Azure AD sign in permissions prompt
I have a Cordova app (setup as a native app in Azure) using the ADAL plugin for Apache Cordova to authenticate against my tenant. The permissions given to the native app in Azure Portal are simply:
Custom API (which is setup as a web app / API in the same tenant) with delegated permission to "Access custom API"
Azure Active Directory with delegated permission to "Sign in and read user profile"
When signing in for the first time, a permission prompt is shown.
My question is, is it expected that users will always see the prompt the first time they login even though the native app and web API are on the same tenant?
Yes, the first time any user signs into your app they will need to consent.
If you are the tenant admin, you can consent for all users through admin consent. To do admin consent:
Construct a request with
&prompt=admin_consent.Navigate to the Azure Portal and go to App Registrations. Inside your app's blade, hit Grant Permissions.
- How do I login to an Azure AD Joined VM using Azure AD Credentials on an Windows Server 2019?
- Migrating from validate-jwt to validate-azure-ad-token policy
- Azure Permission - needed for creating resource group - RBAC
- Is it possible to have a non-interactive code that logs in to Azure and creates users in Microsoft Entra ID?
- Microsoft as OAuth2 provider for personal accounts does not issue JWT access tokens
- Updating App Registration's Configured permission without overwritten existing values
- Azure trusted signing Identity validation process stuck due to inability to upload required documents
- How to debug Bearer error="invalid_token"
- Azure global admin cannot(disabled) add roles under "Access Control(IAM)"
- Access and Modify SharePoint Online list using PnP.Powershell and AccessTokens / Registered App
- How to find the delay when I reset a password using Microsoft's Graph API?
- Outlook calendar don't render with FullCalendar
- Azure Remove User Consent to API
- .NET Core Multi Tenancy authentication
- Production slot not using Production as ASPNETCORE_ENVIRONMENT variable
- Microsoft Identity Web: Change Redirect Uri
- Authenticating to Azure application with JMeter
- How do I solve audience (aud) invalid claim error for downstream api service?
- invalid_request: The provided value for the input parameter 'redirect_uri' is not valid
- I am getting an error that OAuth2 Code has already been redeemed
- Generating token for Fabric Rest api using client secret
- AADSTS700016: Application with identifier 'XXX' was not found in the directory 'directory_name'
- Authenticate to SQL Server with Azure app service managed identity through group
- Why is my Azure AD token request returning HTTP 400 consent error for API permissions that have been granted?
- Azure AD:Authenticate Devices
- How to set Azure MSAL SSO for my Nextjs14 app using Approuter and next-auth
- Unable to Connect to Azure PostgreSQL Database via Point-to-Site VPN with Azure Active Directory on macOS
- How do I retrieve the service principal password after creation using the azure cli?
- Cannot create Azure B2C Tenant
- Accessing Graph API from multi tenant App Function via identity